Re: Disk Encryption for remote XP machines.



On Jan 27, 2:26 pm, Regis <ord...@xxxxxxxxx> wrote:
Mike <mikere...@xxxxxxxxxxxxxx> writes:
Hi
I'm trying to get around a particularly thorny issue of how to
authenticate an encrypted disk instead of using a password or token.
Remote machines need to be able to reboot and startup (autologon)
without any user input or extra token hardware. I'd like to be able to
somehow tie the authentication to the actual device (CPU id?) or
network that the PC sits on. If the disk is removed from the device
(and hence the network) it should remain unreadable as a boot device
or using an external housing. The disk does not need to be recovered
and is essentially a dispoable item.
Any ideas? Suggestions?

Tis an interesting problem. I'm not aware of a solution that's out
there.  True Crypt is open source, though, so rolling your own I
assume would be allowed.  http://www.truecrypt.org/downloads2

Thanks, I'll take a look.

But I'm curious though what situation there is where this security
model makes a lot of sense though.

If the disk gets stolen and you want to be protected by disk
encryption, that's all well and good, but I'm trying to envision a
situation where a disk getting stolen is possible/likely, but the
entire machine getting picked up and taken away is not.

Without wanting to give too much away it's a PC encapsulated in a Safe
which is bolted to the floor. Used by many 'customers' and card
activated in order to perform certain financial transactions (can you
guess what it is yet?).
If an engineer visits to perform an upgrade or repair this is often
acheived by a disk swap, and the old disk may be 'lost' by the
engineer.
.



Relevant Pages

  • Disk Encryption for remote XP machines.
    ... authenticate an encrypted disk instead of using a password or token. ... Remote machines need to be able to reboot and startup ... network that the PC sits on. ...
    (alt.computer.security)
  • Re: Disk Encryption for remote XP machines.
    ... authenticate an encrypted disk instead of using a password or token. ... network that the PC sits on. ...
    (alt.computer.security)
  • Cryptic Disk Professional Edition 3.0.27.543
    ... Protecting your information can cost money - but not protecting it can ... Cryptic Disk creates virtual encrypted disks and also ... and password entered by the user when creating the encrypted disk. ...
    (comp.software.shareware.announce)
  • Re: Disk encryption questions
    ... } disk, with softlinks from the original disk to there. ... } information about the encrypted disk, ... and simply doesn't mount if the password is wrong. ... Linux kernel encryption is basically a loop on a block device. ...
    (Debian-User)
  • Re: Mac OS X stores login/Keychain/FileVault passwords on disk
    ... We'll start by grabbing the volume name of an AES128 encrypted disk ... AES128 encrypted disk image. ... The swapfiles are deleted on startup -- this means even a clean ...
    (Bugtraq)